//@login & register
const express = require('express')
const bcrypt = require('bcrypt')
const gravatar = require('gravatar')
const jwt = require('jsonwebtoken')
const passport = require('passport')
const router = express.Router()

const User = require('../../models/User')
const keys = require('../../config/keys')

// $router GET api/users/test
// @desc 赶回请求数据的json数据
// @access public

// router.get("/test", (req,res) => {
//   res.json({
//     msg:"login works"
//   })
// })

// $router POST api/users/register
// @desc 赶回请求数据的json数据
// @access public
router.post("/register", (req,res) =>  {
  // console.log(req.body)
  //查询数据库中是否有邮箱
  User.findOne({email:req.body.email})
      .then((user) => {
        if (user) {
          return res.status(400).json("邮箱已被注册！")
        } else {
          const avatar = gravatar.url(req.body.email, {s: '200', r: 'pg', d: 'mm'})

          const newUser = new User({
            name: req.body.name,
            email: req.body.email,
            password: req.body.password,
            avatar,
            identity: req.body.identity
          })

          bcrypt.genSalt(10, (err, salt) => {
            bcrypt.hash(newUser.password, salt, (err, hash) => {
                if (err) throw err

                newUser.password = hash
                newUser.save()
                       .then(user => res.json(user))
                       .catch(err => console.log(err))
            })
          })
        }
      })
})

// $router POST api/users/login
// @desc 返回token jwt passport
// @access public
router.post("/login",  (req,res) => {
  const email = req.body.email
  const password = req.body.password
  //查询数据库
  User.findOne({email})
      .then(user => {
        if (!user) {
          return res.status(404).json("user is no exit")
        }
        //密码匹配
        bcrypt.compare(password, user.password)
              .then(isMatch => {
                if (isMatch) {
                  //jwt创建token
                  //sign('规则','加密名字','过期时间','箭头函数')
                  const rule = {
                    id:user.id,
                    name:user.name,
                    avatar:user.avatar,
                    identity:user.identity
                  }
                  jwt.sign(rule, keys.secretOrKey, { expiresIn:3600 }, (err,token) => {
                    if (err) throw err
                    res.json({
                      success:true,
                      token:"Bearer " + token
                    })
                  })
                  // res.json({msg:"success"})
                } else {
                  return res.status(400).json("密码错误")
                }
              })
      })
})

// $router GET api/users/current
// @desc return current user
// @access private

router.get("/current", passport.authenticate("jwt", {session: false}), (req, res) => {
  res.json({
    id: req.user.id,
    name: req.user.name,
    email: req.user.email,
    identity: req.user.identity
  })
})

module.exports = router